NVD

Id
18728  
Name
CVE-2016-2521  
Description
Untrusted search path vulnerability in the WiresharkApplication class in ui/qt/wireshark_application.cpp in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 on Windows allows local users to gain privileges via a Trojan horse riched20.dll.dll file in the current working directory, related to use of QLibrary.  
Reject
 
CVSS Version
2  
CVSS Score
7.2  
Severity
High  
CVSS Base Score
7.2  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2016-02-27  
Modified Date
2016-12-02  
Seq
2016-2521  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
103465 18728 CVE-2016-2521 http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html  View
103466 18728 CVE-2016-2521 http://www.wireshark.org/security/wnpa-sec-2016-01.html  View
103467 18728 CVE-2016-2521 https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4a79cf2e1ab056faaddd252aa56520435b318a56  View
103468 18728 CVE-2016-2521 GLSA-201604-05  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
767 JVNDB-2016-001540 Windows 上で稼動する Wireshark の ui/qt/wireshark_application.cpp の WiresharkApplication クラスにおける権限を取得される脆弱性 Windows 上で稼動する Wireshark の ui/qt/wireshark_application.cpp の WiresharkApplication クラスには、検索パスに関する処理に不備があるため、権限を取得される脆弱性が存在します。 CVE-2016-2521 89027 CVE-2016-2521 18728 7.2 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-001540.html 2016-02-26 2016-11-17 View